== Bitcoin challenge transaction: ~1000 BTC total bounty to solvers! ==UPDATED==

[digaran]

Assume you possibly have a very old wallet that is corrupted. The wallet is your old wallet and may have a balance. Is it very smart to check for balances online. Use tools online? Or you could sync a full Bitcoin node and import keys to check offline on the full node.

I think offline is smarter and secure. Kind of what Bitcoin is about.

That's a lot of old wallets, I mean maybe Satoshi is the only one with more than 20,000 valuable keys, so no, it's not a good idea to involve bitcoin core or any wallet whatsoever, around these woods the residents tend to pick every address with a balance  more than 0.01 ( some go for lower than that ) and input them to whatever tool they use when they search the key space.  Just wanted to tell you that you are doing it wrong, and checking balance has nothing to do with security, you could use a block explorer via api to check for balance.

I guess you are lost and stumbled upon our garden, something tells me you don't even know what this topic is all about. Lol

[MrlostinBTC]

Assume you possibly have a very old wallet that is corrupted. The wallet is your old wallet and may have a balance. Is it very smart to check for balances online. Use tools online? Or you could sync a full Bitcoin node and import keys to check offline on the full node.

I think offline is smarter and secure. Kind of what Bitcoin is about.

That's a lot of old wallets, I mean maybe Satoshi is the only one with more than 20,000 valuable keys, so no, it's not a good idea to involve bitcoin core or any wallet whatsoever, around these woods the residents tend to pick every address with a balance  more than 0.01 ( some go for lower than that ) and input them to whatever tool they use when they search the key space.  Just wanted to tell you that you are doing it wrong, and checking balance has nothing to do with security, you could use a block explorer via api to check for balance.

I guess you are lost and stumbled upon our garden, something tells me you don't even know what this topic is all about. Lol

Lets keep it on topic. For anyone looking to go the Valid WIF method. You can import a massive amount of keys through Bitcoin core using the importwallet command. The import text has to be in a specific format but the address does not have to be correct only valid. BTC core will ignore the address and import the WIF and basically ignores the address. I will give a small sample of a importwallet file. You MUST HAVE A FULLY SYNCED NODE!

5JBWV6pN7wQyxahtDswBuC1iwRpe3ftW2wBYqsEU3XQpqQaT85C 2009-01-18T17:45:44Z change=1 # addr=116Bp1UUknPpRuiwJBhdLmAvbvNitTTkNJ
5JBWV6pN7wMnshciffX9P9pCsy37EGgMwYYY4MMERBb7WXdkVK4 2009-01-18T17:45:44Z change=1 # addr=116Bp1UUknPpRuiwJBhdLmAvbvNitTTkNJ
5JBWV6pN7hGsLCpYUsQ2oSyXbk561q6e9dB5ATD61gziSgL7Yuy 2009-01-18T17:45:44Z change=1 # addr=116Bp1UUknPpRuiwJBhdLmAvbvNitTTkNJ
5JBWV6pM3XYYK71aqHzz3C89zWoj6vGBU4SN6KFzKVAu4cJ32DU 2009-01-18T17:45:44Z change=1 # addr=116Bp1UUknPpRuiwJBhdLmAvbvNitTTkNJ
5JBWV6jceaibTTjxytGnheCnVy1RZiNQqZw5qE4rsJ7n8n75Pwo 2009-01-18T17:45:44Z change=1 # addr=116Bp1UUknPpRuiwJBhdLmAvbvNitTTkNJ
5JBWUjrVNb6ULxoiuA2kQkdvVce1qDsRmkhKEJwyGWMC61JUbRx 2009-01-18T17:45:44Z change=1 # addr=116Bp1UUknPpRuiwJBhdLmAvbvNitTTkNJ

This format compressed or uncompressed will work with WIF imports.

All the keys will import ignoring the address, but you still have to have the address. change addresses are not relevant it will still pickup a added value. The core will skip it and you can watch the real addresses in debug.txt

After import the entire blockchain will rescan. Addresses will be updated to WIF. It takes a few hours. You can do this offline. During this time you can monitor debug.txt in ./bitcoin for any added transactions to the keys you imported.

I think I have done about 20,000-40,000 keys from raw data. Speed is only slightly impaired with a massive amount of keys. The core does have its limits however and anything over 40,000 keys at a time will probably brick it.

I am also sure you could use known addresses to compare and skip this information. In my case I did not know the address I was looking for. It was 64kb of a corrupted wallet of my own from 2009....

[digaran]

5JBWV6pN7wQyxahtDswBuC1iwRpe3ftW2wBYqsEU3XQpqQaT85C 2009-01-18T17:45:44Z change=1 #

I am also sure you could use known addresses to compare and skip this information. In my case I did not know the address I was looking for. It was 64kb of a corrupted wallet of my own from 2009....

Is this the private key you were looking for?   3030303030302033303331203330333020333033302033303331203331333120

How can you not know the addresses? After all, you mined them all and their addresses exist on block chain and any explorer, but the main question is, why are you looking for Satoshi's addresses from 2009? This is disappointing.

Wait , are you saying you are Satoshi? Are you familiar with our ancient tradition? We  call it circular gangBJ, whenever a former clan master returns we make him to give all clan members BJ while we stand in a circle.🤣 I hope you have good knees because you'll have to be on them for a while.   Welcome back. Lol

No offense to @real_Satoshi.

[Etar]

@WanderingPhilospher, after our conversation, i decided to brainstorm myself. I have made so many different modifications, but none of them gives a double increase in the speed of a kangaroo.
I tried  jacobian coordinates, tried not to load Y, but calculate it on the fly and much, much more..
Perhaps i misunderstood you and did not double the speed, but doubled the number of DP found?
What do i mean, if for example, 1660super with a grid 88,128 (PL60%) have a speed of 880MK/s, then in your modified version with the same grid you will have a speed of 1600MK/s or same speed 880MK/s but with doubled the number of DP?
Some calculations..
1660super have memory bandwith 369GB/s
Even if just read x,y,dist=96b, do simple additions with this values(just so the compiler doesn't ignore) and save x,y,dist (total 192b of memory operations) than speed 369/192 = 1.92Gb/s  And this without making any calculation over the points
So to be honest, achieving 1600Mk on 1660super with a grid 88,128 is simply unrealistic..

P.S. And as as i say early here one way to double DPs
That is result of normal kangaroo (puzzle #70)

Code:

Expected: operations 2^37.08, HT size: 101.24Mb
GPU code #ND128
GPU #0 Generate kangaroos: 1441792 items
GPU #0 Done in 00:00:03s
Kangaroo array removed, freed:132.00Mb
Checker thread started
0[1][839]839 MKeys/s[dead:1][HT:69.75Mb DP 2^20.54 OP 2^36.54] t:1m 54s
Pub: 0290e6900a58d33393bc1097b5aed31f2e4e7cbd3e5466af958665bc0121248483
 Priv: 0x349b84b6431a6c4ef1

speed = 2^36.54op / 114s = 876MK/s
And that is result of using addition negative coordinate of jump point

Code:

Expected: operations 2^37.08, HT size: 101.24Mb
GPU code #ND128
GPU #0 Generate kangaroos: 1441792 items
GPU #0 Done in 00:00:03s
Kangaroo array removed, freed:132.00Mb
Checker thread started
0[1][680]680 MKeys/s[dead:0][HT:81.88Mb DP 2^20.78 OP 2^36.78] t:1m 24s
Pub: 0290e6900a58d33393bc1097b5aed31f2e4e7cbd3e5466af958665bc0121248483
 Priv: 0x349b84b6431a6c4ef1
1|1

1|1 exacly show that solution finded by wildDP and tameDP that are both prodused from negative jump
totaly speed little drop due to calculation of negative jump but DPs count grow
2^36.78op / 84s = 1404MK/s

[digaran]

Why there is no activity around these woods? Chop chop people, get to work.
If it helps, I am 99.99% sure that puzzle #125 starts with 1a. I just don't know how could that be of any help other than lowering the bit range, but if there is any secret behind it, do let me know.😉
Something to work on. Please do your calculations and tell me if I'm wrong.

2000 (2^125) = 037e2cd40ef8c94077f44b1d1548425e3d7e125be646707bad2818b0eda7dc0151
1700 = (puzzle #125) = 0233709eb11e0d4439a729f21c2c443dedb727528229713f0065721ba8fa46f00e
300 = 0286936a275e6d53bb2b2718c93d8a5aa44f371f6e0300abb73b89dd851d2fbe88
700 = 03ed01ff219ed5c1afc12d991a82e3063ddcee1fd53b46f7cad52a0d87a7112aed
400 = 02a64a0b3739ddccddece6d90407c925717c75467cc8ce46321d73ec2663320130
200 = 0339ddd9a2a1a113c105175e17903c1f72326ff89b109efc8b976cc9916429c9c4
100 = 031f45d50a743e772f27543272ff4aba36da659540af3185907ad08e68ed0eee4f

And here is 500 = 2^123

500 = 020bfc0504a4b3235d065c0d426b8675fcb2c85d6f58275d791b43e1fe44a6db03

0000000000000000000000000000000008000000000000000000000000000000

I will leave a quote from gmaxwell here, I don't know whether my calculations are proving the #125 is in the range between 2^124 and 2^125 or not?

With the help of someone knowing the secret they could prove it was in a range using a confidential-transactions like zero knowledge range proof. (which is exactly what CT does... proves the values are in  a range like [0,2^32) that couldn't overflow.)

[tifosi87]

Why there is no activity around these woods? Chop chop people, get to work.
If it helps, I am 99.99% sure that puzzle #125 starts with 1a. I just don't know how could that be of any help other than lowering the bit range, but if there is any secret behind it, do let me know.😉
Something to work on. Please do your calculations and tell me if I'm wrong.

2000 (2^125) = 037e2cd40ef8c94077f44b1d1548425e3d7e125be646707bad2818b0eda7dc0151
1700 = (puzzle #125) = 0233709eb11e0d4439a729f21c2c443dedb727528229713f0065721ba8fa46f00e
300 = 0286936a275e6d53bb2b2718c93d8a5aa44f371f6e0300abb73b89dd851d2fbe88
700 = 03ed01ff219ed5c1afc12d991a82e3063ddcee1fd53b46f7cad52a0d87a7112aed
400 = 02a64a0b3739ddccddece6d90407c925717c75467cc8ce46321d73ec2663320130
200 = 0339ddd9a2a1a113c105175e17903c1f72326ff89b109efc8b976cc9916429c9c4
100 = 031f45d50a743e772f27543272ff4aba36da659540af3185907ad08e68ed0eee4f

And here is 500 = 2^123

500 = 020bfc0504a4b3235d065c0d426b8675fcb2c85d6f58275d791b43e1fe44a6db03

0000000000000000000000000000000008000000000000000000000000000000

I will leave a quote from gmaxwell here, I don't know whether my calculations are proving the #125 is in the range between 2^124 and 2^125 or not?

With the help of someone knowing the secret they could prove it was in a range using a confidential-transactions like zero knowledge range proof. (which is exactly what CT does... proves the values are in  a range like [0,2^32) that couldn't overflow.)

what calculation do you have made

[MrlostinBTC]

what calculation do you have made

*Insert random numbers
*Insert random logic

Puzzle 125 starts with 1A. I understood it

[digaran]

what calculation do you have made

*Insert random numbers
*Insert random logic

Puzzle 125 starts with 1A. I understood it

Lol, weren't you satoshi himself just yesterday? You should already know all the keys of all puzzles!

My estimations are rounded up numbers and they could be inversed/ backwards, since I calculate from greater keys down the bit range, I could be 99.99% off the correct path, I am still working on validating the exact range, though if the puzzle key was out of the 2^125 range, like in 128 bit, I could tell according to my calculations.

The keys and their value representations I provided above are for simplicity, though we could calculate the keys based on decimal values of bit ranges.

For example, we could consider 2^124 as 16 in decimal and 2^125 as 32, we could as well call 2^124  "21" in decimal, I chose to represent 2^124 as 1000 in decimal.

The other miscalculation of mine could be due to the fact that I focus on hexadecimal representation of keys too much, therefore I could have confused the hex characters with their mirror versions, i.e, if we divide "a" by 2, we would get 5, dividing 1 by 2 will result in "e" and depending on each character on the right side of a hex character, the result of dividing them could differ and cause more confusion, which is why I might be off with my numbers.

One thing I have failed so far to figure out, is to subtract a key from another key to land on a rounded key. But my random logic and random numbers stop me from moving forward.😉

[MrlostinBTC]

I never claimed to be Satoshi. But my experience comes from running client 0.2 and losing that wallet. Keeping it on topic here. Feel free to go through my post history.

Download from this link early on https://bitcointalk.org/index.php?topic=16.0

Does anyone know a GPU CUDA platform that can process MKEY and CKEY values. Like crackBTCwallet? https://github.com/albertobsd/crackBTCwallet

[J1980]

Just wondering I get on the 125-bit puzzle (BSGS) search using Keyhunt (CPU) 192 Pkeys/s
(using this best test settings on a i7: -t8 -k1024)

How is it doing compared to a decent GPU?

[james5000]

Please can someone help me to implement private hex key to hash160 in gpu cuda c++? I believe I have found a possible way to eliminate too many checks, leaving the challenge interval 66 to about 27 trillion , please

[rosengold]

Please can someone help me to implement private hex key to hash160 in gpu cuda c++? I believe I have found a possible way to eliminate too many checks, leaving the challenge interval 66 to about 27 trillion , please

https://github.com/XopMC/CudaBrainSecp/blob/main/GPU/GPUSecp.cu


all you need is there. mod mult, mod add, sha256 and hash160 for cuda.

[digaran]

Some updates on my previous hints!

If we add this key (later multiply it by 2 and 4 to see what result you get)
0209393576e52df0c10a165b31ac6d1da4ffb01da64c10fc496765ac823bdd7b3b
To this known key
0x4000000000000000000000000000000
We will reach this one
028e99d794f780a074945a2c53abb69184f46f07a707aab1a618a849f935224d0a

And if we double each of them, we will see something interesting, and I didn't even divide any key using division op.

[CryptoHFs]

What is the difference between that and Dat file scams

[JDScreesh]

Hello there  

Congratulations to the solver (or solvers) of the puzzle #125 👍🏼

Looks like was the same person (or people) who solved the puzzle # 120 

[s.john]

yeah, I'm not confident anymore about the security of Bitcoin and secp256k1, especially when the solvers of these large keys are not willing to share what methods they used to reveal the private keys, the whole purpose of this challenge is to prove the immunity of the math behind bitcoin from any attack, so when someone is able to solve the challenge and not coming out to explain the method, this is basically telling us that someone knows a backdoor.

[Etar]

He/they solved puzzle #120 27.02.2023
Most likely after that they immediately moved on to solving puzzle #125 that was solved 09.7.2023
In total it took them about 130 days = 11232000s = 2^23.42s
Expected op for #125 2^63.4 so solving speed around 2^40 op/s
If for ex. GPU speed 2^32(~4Gkey/s) than need 256 GPUs to solve #125 puzzle in 130 days.
I don't see anything out of the ordinary here.

As far as I understand, these people have access to a large number of GPUs
In addition, they already have additional funds to rent additional GPUs to speed up the process of finding #130 puzzles.
In order to defeat this monopoly, it is necessary to unite.
Creating a pool does not make sense for many reasons.
I propose an alternative solution that will also require the participation of each hunter.

We can use fraction-kangaroo or just a python script that will divide #130 puzzles into 2^20 pieces.
Each hunter will look at least for 1 key in the range of 109 bits.
Search position in the range from 0 to 2^20-1 everyone can determine himself randomly.
If you have multiple rigs you can use multiple random positions for each rig.
For example, a rig of 6 3070 will be able to find or say with a probability of 75% that there is no key in this range for 90 days

Thus, if we can cover 2^20 positions at the same time, then one of us will find the key in 90 days.
Naturally, the prize will remain with the winner. But each participant will at least have a chance and will not require too many resources from each.
3Emiwzxme7Mrj4d89uqohXNncnRM15YESs  will need at least 1500GPUs to solve #130 puzzle in this time.

Otherwise, if everyone tries to look for a puzzle #130 with their few rigs in the entire range 2^129, then I can definitely say that these guys 3Emiwzxme7Mrj4d89uqohXNncnRM15YESs will find it earlier.

Here is python scrypt that devide 2^129 bit range by 2^20 with random position:

Code:

import random
import math

def inverse(x, p):
    """
    Calculate the modular inverse of x ( mod p )    
    """
    inv1 = 1
    inv2 = 0
    n=1
    while p != 1 and p!=0:        
        quotient = x // p        
        inv1, inv2 = inv2, inv1 - inv2 * quotient
        x, p = p, x % p        
        n = n+1
    
    return inv2

def dblpt(pt, p):
    """
    Calculate pt+pt = 2*pt
    """
    if pt is None:
        return None
    (x,y)= pt
    if y==0:
        return None 
    
    slope= 3*pow(x,2,p)*pow(2*y,p-2,p)  
    xsum= pow(slope,2,p)-2*x     
    ysum= slope*(x-xsum)-y 
    
    return (xsum%p, ysum%p)

def addpt(p1,p2, p):
    """
    Calculate p1+p2
    """
    if p1 is None or p2 is None:
        return None
    (x1,y1)= p1
    (x2,y2)= p2
    if x1==x2:
        return dblpt(p1, p)        
        
    # calculate (y1-y2)/(x1-x2)  modulus p    
    slope=(y1-y2)*pow(x1-x2,p-2,p)
    xsum= pow(slope,2,p)-(x1+x2)  
    ysum= slope*(x1-xsum)-y1 
    
    return (xsum%p, ysum%p)

def ptmul(pt,a, p):
    """
    Calculate pt*a
    """
    scale= pt    
    acc=None
    while a:        
        if a&1:
            if acc is None:
                acc= scale                 
            else:     
                acc= addpt(acc,scale, p)             
        scale= dblpt(scale, p)
        a >>= 1
        
    return acc

def ptdiv(pt,a,p,n):  
    """
    Calculate pt/a
    """   
    divpt=inverse(a, n)%n 
    
    return ptmul(pt, divpt, p)


def getuncompressedpub(compressed_key):
    """
    returns uncompressed public key
    """
    y_parity = int(compressed_key[:2]) - 2    
    x = int(compressed_key[2:], 16)
    a = (pow(x, 3, p) + 7) % p
    y = pow(a, (p+1)//4, p)    
    if y % 2 != y_parity:
        y = -y % p   
        
    return (x,y)

def compresspub(uncompressed_key):
    """
    returns compressed public key
    """
    (x,y)=uncompressed_key
    y_parity = y&1 
    head='02'
    if y_parity ==1:
        head='03'    
    compressed_key = head+'{:064x}'.format(x) 
    
    return compressed_key


#secp256k1 constants
Gx=0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798
Gy=0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8
n=0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141
p = 2**256 - 2**32 - 977
g= (Gx,Gy)


rangePower=129
rb=2**rangePower
re=2**(rangePower+1)-1
print ("Bit range 2^",math.log2(re-rb))
print ("Begin > 0x%x"%rb,">DEC ",rb)
print ("End   > 0x%x"%re,">DEC ",re)

#MANUAL

compressed_key='03633CBE3EC02B9401C5EFFA144C5B4D22F87940259634858FC7E59B1C09937852'
point=getuncompressedpub(compressed_key)
divisor = pow(2,20)
print("")

rbdiv = rb//divisor
rediv = re//divisor
print ("Div Begin > 0x%x"%rbdiv,">DEC ",rbdiv)
print ("Div End   > 0x%x"%rediv,">DEC ",rediv)
print ("Div Bit range 2^",math.log2(rediv-rbdiv))
newpub=ptdiv(point,divisor,p,n)
(partGx,partGy)=ptdiv(g,divisor,p,n)
idx=random.randrange(0,divisor-1)
#Randomly generate position in range 0..divisor-1
print("pos > 0x%x"%idx)
if idx<divisor:
    if idx==0:
        (searchpubx,searchpuby)=newpub
        (fracX, fracY)=(partGx,partGy)
    else:   
        (fracX, fracY)=ptmul((partGx,partGy),idx,p)        
        (searchpubx,searchpuby) = addpt(newpub,(fracX,p-fracY), p)
        (fracX, fracY) = addpt((fracX, fracY),(partGx,partGy), p)   
    print("searchpub > ",compresspub((searchpubx,searchpuby)))
else:
    print("idx>=divisor")

[CryptoHFs]

He/they solved puzzle #120 27.02.2023
Most likely after that they immediately moved on to solving puzzle #125 that was solved 09.7.2023
In total it took them about 130 days = 11232000s = 2^23.42s
Expected op for #125 2^63.4 so solving speed around 2^40 op/s
If for ex. GPU speed 2^32(~4Gkey/s) than need 256 GPUs to solve #125 puzzle in 130 days.
I don't see anything out of the ordinary here.

As far as I understand, these people have access to a large number of GPUs
In addition, they already have additional funds to rent additional GPUs to speed up the process of finding #130 puzzles.
In order to defeat this monopoly, it is necessary to unite.
Creating a pool does not make sense for many reasons.
I propose an alternative solution that will also require the participation of each hunter.

We can use fraction-kangaroo or just a python script that will divide #130 puzzles into 2^20 pieces.
Each hunter will look at least for 1 key in the range of 109 bits.
Search position in the range from 0 to 2^20-1 everyone can determine himself randomly.
If you have multiple rigs you can use multiple random positions for each rig.
For example, a rig of 6 3070 will be able to find or say with a probability of 75% that there is no key in this range for 90 days

Thus, if we can cover 2^20 positions at the same time, then one of us will find the key in 90 days.
Naturally, the prize will remain with the winner. But each participant will at least have a chance and will not require too many resources from each.
3Emiwzxme7Mrj4d89uqohXNncnRM15YESs  will need at least 1500GPUs to solve #130 puzzle in this time.

Otherwise, if everyone tries to look for a puzzle #130 with their few rigs in the entire range 2^129, then I can definitely say that these guys 3Emiwzxme7Mrj4d89uqohXNncnRM15YESs will find it earlier.

In your example what is the cost of 1 gpu?

[digaran]

We need to see the private keys for #120 & #125, we deserve that much.

[dextronomous]

hi there etar,

Here is python scrypt that devide 2^129 bit range by 2^20 with random position:

Code:

import random
import math

def inverse(x, p):
    """
    Calculate the modular inverse of x ( mod p )    
    """
    inv1 = 1
    inv2 = 0
    n=1
    while p != 1 and p!=0:        
        quotient = x // p        
        inv1, inv2 = inv2, inv1 - inv2 * quotient
        x, p = p, x % p        
        n = n+1
    
    return inv2

def dblpt(pt, p):
    """
    Calculate pt+pt = 2*pt
    """
    if pt is None:
        return None
    (x,y)= pt
    if y==0:
        return None 
    
    slope= 3*pow(x,2,p)*pow(2*y,p-2,p)  
    xsum= pow(slope,2,p)-2*x     
    ysum= slope*(x-xsum)-y 
    
    return (xsum%p, ysum%p)

def addpt(p1,p2, p):
    """
    Calculate p1+p2
    """
    if p1 is None or p2 is None:
        return None
    (x1,y1)= p1
    (x2,y2)= p2
    if x1==x2:
        return dblpt(p1, p)        
        
    # calculate (y1-y2)/(x1-x2)  modulus p    
    slope=(y1-y2)*pow(x1-x2,p-2,p)
    xsum= pow(slope,2,p)-(x1+x2)  
    ysum= slope*(x1-xsum)-y1 
    
    return (xsum%p, ysum%p)

def ptmul(pt,a, p):
    """
    Calculate pt*a
    """
    scale= pt    
    acc=None
    while a:        
        if a&1:
            if acc is None:
                acc= scale                 
            else:     
                acc= addpt(acc,scale, p)             
        scale= dblpt(scale, p)
        a >>= 1
        
    return acc

def ptdiv(pt,a,p,n):  
    """
    Calculate pt/a
    """   
    divpt=inverse(a, n)%n 
    
    return ptmul(pt, divpt, p)


def getuncompressedpub(compressed_key):
    """
    returns uncompressed public key
    """
    y_parity = int(compressed_key[:2]) - 2    
    x = int(compressed_key[2:], 16)
    a = (pow(x, 3, p) + 7) % p
    y = pow(a, (p+1)//4, p)    
    if y % 2 != y_parity:
        y = -y % p   
        
    return (x,y)

def compresspub(uncompressed_key):
    """
    returns compressed public key
    """
    (x,y)=uncompressed_key
    y_parity = y&1 
    head='02'
    if y_parity ==1:
        head='03'    
    compressed_key = head+'{:064x}'.format(x) 
    
    return compressed_key


#secp256k1 constants
Gx=0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798
Gy=0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8
n=0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141
p = 2**256 - 2**32 - 977
g= (Gx,Gy)


rangePower=129
rb=2**rangePower
re=2**(rangePower+1)-1
print ("Bit range 2^",math.log2(re-rb))
print ("Begin > 0x%x"%rb,">DEC ",rb)
print ("End   > 0x%x"%re,">DEC ",re)

#MANUAL

compressed_key='03633CBE3EC02B9401C5EFFA144C5B4D22F87940259634858FC7E59B1C09937852'
point=getuncompressedpub(compressed_key)
divisor = pow(2,20)
print("")

rbdiv = rb//divisor
rediv = re//divisor
print ("Div Begin > 0x%x"%rbdiv,">DEC ",rbdiv)
print ("Div End   > 0x%x"%rediv,">DEC ",rediv)
print ("Div Bit range 2^",math.log2(rediv-rbdiv))
newpub=ptdiv(point,divisor,p,n)
(partGx,partGy)=ptdiv(g,divisor,p,n)
idx=random.randrange(0,divisor-1)
#Randomly generate position in range 0..divisor-1
print("pos > 0x%x"%idx)
if idx<divisor:
    if idx==0:
        (searchpubx,searchpuby)=newpub
        (fracX, fracY)=(partGx,partGy)
    else:   
        (fracX, fracY)=ptmul((partGx,partGy),idx,p)        
        (searchpubx,searchpuby) = addpt(newpub,(fracX,p-fracY), p)
        (fracX, fracY) = addpt((fracX, fracY),(partGx,partGy), p)   
    print("searchpub > ",compresspub((searchpubx,searchpuby)))
else:
    print("idx>=divisor")

[/quote]

so if the private key found with this divisor = pow(2,20) can i adjust higher 2/30 ? how to get the private of 130
in console if the next pubkey found belonging to pubkey below. thanks man.>

Div Bit range 2^ 109.0
pos > 0xc3273
searchpub > 023